Some Siemens Medical Imaging Devices Vulnerable to Hackers

While the company is downplaying the risk to patients, some security experts say the vulnerabilities could pave the way for malicious attacks, including ransomware attacks, if they are not patched.The alert from DHS’ Industrial Control Systems Cyber Emergency Response Team says Munich, Germany-based Siemens identified four vulnerabilities in the medical imaging products and is preparing patches.”These vulnerabilities could be exploited remotely,” DHS notes. “Exploits that target these vulnerabilities are known to be publicly available. Successful exploitation of these vulnerabilities may allow the attacker to remotely execute arbitrary code. Impact to individual organizations depends on many factors that are unique to each organization.”ICS-CERT recommends that healthcare organizations using the devices evaluate the impact of these vulnerabilities based on their operational environment and specific clinical usage.